cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

Policy push breaks ssh session how can I fix this?

Policy push breaks ssh session

Has anyone run into any issues where they are not able to log in using ssh into a CP firewall (77:30) after policy push.
The only way to get back in with console the run fw unloadlocal in order to ssh back into the firewall. We use dynamic objects and all of the firewall IPs are correct. I have been looking at this for a about a week with no solution. Any thoughts?

When the policy is install it breaks SIC once fw unloadlocal is run, SIC is communicating again.

0 Kudos
3 Replies

Re: Policy push breaks ssh session how can I fix this?

Seems that the rule base is configured in a wrong way - did the issue appear after some changes were made ? You should see the drops caused by SSH and SIC communication in logs...

0 Kudos
Danny
Pearl

Re: Policy push breaks ssh session how can I fix this?

What does your log show according to dropped SSH and SIC traffic?

0 Kudos

Re: Policy push breaks ssh session how can I fix this?

You are both correct.

I did make a change on that FW rule . I did not think to look at the logs to see that was happening. Now that you said that I checked and  see blocked traffic on ssh.

I did get it resolved by going back and auditing the dynamic objects and the rule. I did see a specific rule where the traffic was being blocked. I added the IP address in the dynamic object list, reinstalled policy, and still able to get in using ssh.

I have a question that has been troubling me in tracker " the interface column". Should it show me two way traffic (--> and <--). Normally I only see this " "and none going in the other direction (rarely). Does this mean traffic going out of the Mgmt interface, out of the firewall, out to the internet or is it traffic coming in from the internet into the firewall through the Mgmt interface?

0 Kudos